{"id": "SECURITYVULNS:VULN:13618", "bulletinFamily": "software", "title": "Cisco UCS Director default credentials", "description": "default root account is accessible via ssh.", "published": "2014-03-20T00:00:00", "modified": "2014-03-20T00:00:00", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:13618", "reporter": "CISCO", "references": [], "cvelist": ["CVE-2014-0709"], "type": "securityvulns", "lastseen": "2018-08-31T11:09:54", "history": [], "edition": 1, "hashmap": [{"key": "affectedSoftware", "hash": "d300167ccc2d35669822859ed092704d"}, {"key": "bulletinFamily", "hash": "f9fa10ba956cacf91d7878861139efb9"}, {"key": "cvelist", "hash": "d7a5580409098cbbf1c58808a0fa160e"}, {"key": "cvss", "hash": "2076413bdcb42307d016f5286cbae795"}, {"key": "description", "hash": "dc3166ea5bbd2f15041aec293d468ab9"}, {"key": "href", "hash": "23693b153a8209d785cad4867a3a1942"}, {"key": "modified", "hash": "0134fe69dea3f5ef944877e85fc04a11"}, {"key": "published", "hash": "0134fe69dea3f5ef944877e85fc04a11"}, {"key": "references", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "reporter", "hash": "2e9d0015563e8f6c3614c219c759934c"}, {"key": "title", "hash": "9bb6f729e4d2c79ab69adb32daf55dd9"}, {"key": "type", "hash": "d54751dd75af2ea0147b462b3e001cd0"}], "hash": "8aa63baefff4e801ca9c8bac8b3db82f481b7e8e19b03f25e31a372118c24eb2", "viewCount": 1, "enchantments": {"score": {"value": 10.0, "vector": "NONE", "modified": "2018-08-31T11:09:54"}, "dependencies": {"references": [{"type": "cve", "idList": ["CVE-2014-0709"]}, {"type": "seebug", "idList": ["SSV:61513"]}, {"type": "cisco", "idList": ["CISCO-SA-20140219-UCSD"]}], "modified": "2018-08-31T11:09:54"}, "vulnersScore": 10.0}, "objectVersion": "1.3", "affectedSoftware": [{"name": "UCS Director", "operator": "eq", "version": "4.0"}]}

{"cve": [{"lastseen": "2017-04-18T15:54:29", "bulletinFamily": "NVD", "description": "Cisco UCS Director (formerly Cloupia) before 4.0.0.3 has a hardcoded password for the root account, which makes it easier for remote attackers to obtain administrative access via an SSH session to the CLI interface, aka Bug ID CSCui73930.", "modified": "2016-09-08T14:58:28", "published": "2014-02-22T16:55:09", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0709", "id": "CVE-2014-0709", "title": "CVE-2014-0709", "type": "cve", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "seebug": [{"lastseen": "2017-11-19T17:32:27", "bulletinFamily": "exploit", "description": "Bugtraq ID:65666\r\nCVE ID:CVE-2014-0709\r\n\r\nCisco Unified Computing System\u901a\u8fc7\u5c06\u7edf\u4e00\u8ba1\u7b97\u3001\u7f51\u7edc\u3001\u5b58\u50a8\u8bbf\u95ee\u548c\u865a\u62df\u5316\u6574\u5408\u5230\u4e00\u4e2a\u7cfb\u7edf\u4e2d,\u7b80\u5316IT\u7ba1\u7406\u5e76\u63d0\u9ad8\u7075\u6d3b\u6027\u3002\r\n\r\nCisco Unified Computing System Director\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\uff0c\u5141\u8bb8\u8fdc\u7a0b\u653b\u51fb\u8005\u5229\u7528\u6f0f\u6d1e\u5b8c\u5168\u63a7\u5236\u8bbe\u5907\u3002\u6f0f\u6d1e\u662f\u7531\u4e8e\u5b89\u88c5\u8fc7\u7a0b\u4e2d\u521b\u5efa\u4e86\u9ed8\u8ba4\u7684root\u7528\u6237\u8d26\u6237\uff0c\u5141\u8bb8\u653b\u51fb\u8005\u5229\u7528\u8be5\u8d26\u6237\u8fdc\u7a0b\u8bbf\u95ee\u670d\u52a1\u5668CLI\uff0c\u63a7\u5236\u8bbe\u5907\u3002\n0\nCisco UCS Director < 4.0.0.3\n\u5382\u5546\u8865\u4e01\uff1a\r\n\r\nCisco\r\n-----\r\nCisco UCS Director 4.0.0.3\u5df2\u7ecf\u4fee\u590d\u8be5\u6f0f\u6d1e\uff0c\u5efa\u8bae\u7528\u6237\u4e0b\u8f7d\u66f4\u65b0\uff1a\r\nhttp://www.cisco.com/public/sw-center/", "modified": "2014-02-21T00:00:00", "published": "2014-02-21T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-61513", "id": "SSV:61513", "title": "Cisco Unified Computing System Director\u9ed8\u8ba4\u9a8c\u8bc1\u51ed\u636e\u5b89\u5168\u7ed5\u8fc7\u6f0f\u6d1e", "type": "seebug", "sourceData": "", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "sourceHref": ""}], "cisco": [{"lastseen": "2017-09-26T15:33:56", "bulletinFamily": "software", "description": "A vulnerability in Cisco Unified Computing System (UCS) Director could allow an unauthenticated, remote attacker to take complete control of the affected device.\n\nThe vulnerability is due to a default root user account created during installation. An attacker could exploit this vulnerability by accessing the server command-line interface (CLI) remotely using the default account credentials. An exploit could allow the attacker to log in with the default credentials, which provide full administrative rights to the system.\n\nCisco has released software updates that address this vulnerability. \n\nWorkarounds that mitigate this vulnerability are not available.\n\n This advisory is available at the following link:\n\nhttp://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140219-ucsd[\"http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140219-ucsd\"]", "modified": "2014-02-26T14:23:46", "published": "2014-02-19T16:00:00", "id": "CISCO-SA-20140219-UCSD", "href": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140219-ucsd", "type": "cisco", "title": "Cisco UCS Director Default Credentials Vulnerability", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}]}